Description

Ransomware is seen as one of the most successful cyber attacks in the Asia-Pacific. The following high profile incidents had a significant business and economic impact on Asia. The estimated economic impact of ransomware on the Asia-Pacific businesses and critical operations is expected to be at the range of hundreds of millions of dollars a year, in consideration of the following:
1) productivity costs due to infected computing systems
2) incident recovery costs
3) possible ransom paid to cyber attackers
4) other associated post-breach costs related to conducting investigations, paying fines, and settling lawsuits.

It is recommended to set a practice of preventive, detective, and remediation controls against ransomware, across people, processes, and technology. Ransomware attacks will only increase in the near future and it is for the companies, governments, and individuals to take adequate precautions. With Ransomware as a Service (RaaS) and DIY Kits now easily available on the web, attacks due to ransomware will only increase. Companies should educate employees about the risks of ransomware and what needs to be done in case of a suspicious activity, ensure that security patches are in place, and minimize any vulnerability. They also need to and limit the access to sensitive data and have a robust backup plan.

A list of the leading practices, which is researched with both the supply (security vendors, service providers) and demand (end users and regulators) of the cyber security ecosystem are mentioned in this paper. A summary preview is provided for end users’ considerations pertaining to ransomware mitigation, which is not a representation of all security solutions and associated professional services from each provider. These players can be broadly categorized into four areas - platform cyber security providers, network centric providers, endpoint centric providers, and backup and storage providers.

Companies mentioned in this paper include Cisco Systems, Checkpoint, FireEye, Forcepoint, McAfee, Palo Alto Networks, Sophos, Symantec, WatchGuard, ForeScout, Illusive, Jiransoft, Juniper Network, Lastline, NPCore, Proofpoint, SonicWall, Sasa Software, TrapX, WINS, Zscaler, Carbon Black, CrowdStrike, Deep Instinct, Kaspersky Lab, MalwareBytes, Reaqta, SentinetOne, V-secure Technology, 360 ESG, Acronis, CommVault, and Veeam. The countries included in this study are Australia, New Zealand, Singapore, Malaysia, Indonesia, the Philippines, Thailand, Vietnam, China, Hong Kong, Taiwan, India, Japan, and South Korea.

Key Questions This Study Will Answer
• What are the success factors of ransomware?
• What are the business and economic impacts of ransomware attacks to the countries in Asia Pacific?
• What are the cyber security best practices against ransomware?
• Who are the industry players that provide security solution pertaining to ransomware mitigation?
• What are the emerging areas that are prone to higher threats in the future?